27433 matches found
GHSA-7WWR-P84Q-QR3Q Typo3 Backend XSS Vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in the Backend component in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...
Typo3 Backend XSS Vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in the Backend component in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allow remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...
GHSA-V358-RVXR-WFFX Silverstripe XSS Vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in SilverStripe 2.3.x before 2.3.13 and 2.4.x before 2.4.7 allow remote attackers to inject arbitrary web script or HTML via 1. a crafted string to the AbsoluteLinks 1. BigSummary 1. ContextSummary 1. EscapeXML 1. FirstParagraph 1. FirstSentence 1...
Silverstripe XSS Vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in SilverStripe 2.3.x before 2.3.13 and 2.4.x before 2.4.7 allow remote attackers to inject arbitrary web script or HTML via 1. a crafted string to the AbsoluteLinks 1. BigSummary 1. ContextSummary 1. EscapeXML 1. FirstParagraph 1. FirstSentence 1...
MoinMoin Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in the rsslink function in theme/init.py in MoinMoin before 1.9.6 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link...
phpMyAdmin multiple cross-site scripting vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of 1 an event, 2 a procedure, or 3 a trigger...
GHSA-5GH4-V2CH-PCX4 phpMyAdmin Multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in 1 an anchor identifier to setup/index.php or 2 a chartTitle aka chart title value...
Improper Neutralization of Input During Web Page Generation in JavaMelody
Cross-site scripting XSS vulnerability in HtmlSessionInformationsReport.java in JavaMelody 1.46 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted X-Forwarded-For header...
GHSA-XC7Q-Q62F-WCVR Apache Solr for TYPO3 (solr) extension is vulnerable to Cross-site scripting (XSS)
Cross-site scripting XSS vulnerability in the Apache Solr for TYPO3 solr extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-H7JC-PG2R-MQJ4 Tiki Wiki CMS Groupware Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Tiki Wiki CMS Groupware Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Apache Struts is vulnerable to Cross-site Scripting
Multiple cross-site scripting XSS vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to 1 actionNames.action and 2 showConfig.action in config-browser/...
GHSA-89RQ-27XP-VGV7 Plone vulnerable to cross-site scripting
Multiple cross-site scripting XSS vulnerabilities in 1 spamProtect.py, 2 pts.py, and 3 request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
GHSA-6G7X-4C7M-G63M Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown
Cross-site scripting XSS vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...
Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown
Cross-site scripting XSS vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...
GHSA-9CRX-P357-5VW8 Ajenti Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in plugins/main/content/js/ajenti.coffee in Ajenti before 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the command field in the Cron functionality...
Ajenti Cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in plugins/main/content/js/ajenti.coffee in Ajenti before 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via the command field in the Cron functionality...
GHSA-F5JH-Q6MP-9C8P ImpressCMS Cross-site scripting Vulnerability
A cross-site scripting XSS vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action...
ImpressCMS Cross-site scripting Vulnerability
A cross-site scripting XSS vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action...
Djblets Cross-site scripting Vulnerability
A cross-site scripting XSS vulnerability in gravatars/templatetags/gravatars.py in Djblets before 0.7.30 and 0.8.x before 0.8.3 for Django allows remote attackers to inject arbitrary web script or HTML via a user display name...